/*
package cn.topevery.garden.wapi.config;

import cn.hutool.core.collection.CollectionUtil;
import hw.topevery.framework.security.resource.AuthorizeRequest;
import hw.topevery.framework.security.resource.AuthorizeRequestProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

import java.util.List;

//@EnableWebSecurity
public class ResourceServerConfig {

//    @Autowired
    AuthorizeRequestProperties requestProperties;

//    @Bean
//    @Order(1)
    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
                .authorizeRequests(request -> {
                    if (requestProperties.isEnable()) {
                        List<AuthorizeRequest> authorizeRequests = requestProperties.getRequests();
                        if(CollectionUtil.isNotEmpty(authorizeRequests)){
                            authorizeRequests.forEach(item -> {
                                request.antMatchers(HttpMethod.resolve(item.getHttpMethod()), item.getPatterns()).access(item.getAccess());
                            });
                        }
                    } else {
                        request.anyRequest().permitAll();
                    }
                })
                .csrf().disable()
                .cors().and()
                .oauth2ResourceServer()
                .jwt();

        return http.build();
    }
}
*/
